The use of this site and the content contained therein is governed by the Terms of Use. When you use this site you acknowledge that you have read the Terms of Use and that you accept and will be bound by the terms hereof and such terms as may be modified from time to time.
All text, graphics, audio, design and other works on the site are the copyrighted works of nasscom unless otherwise indicated. All rights reserved.
Content on the site is for personal use only and may be downloaded provided the material is kept intact and there is no violation of the copyrights, trademarks, and other proprietary rights. Any alteration of the material or use of the material contained in the site for any other purpose is a violation of the copyright of nasscom and / or its affiliates or associates or of its third-party information providers. This material cannot be copied, reproduced, republished, uploaded, posted, transmitted or distributed in any way for non-personal use without obtaining the prior permission from nasscom.
The nasscom Members login is for the reference of only registered nasscom Member Companies.
nasscom reserves the right to modify the terms of use of any service without any liability. nasscom reserves the right to take all measures necessary to prevent access to any service or termination of service if the terms of use are not complied with or are contravened or there is any violation of copyright, trademark or other proprietary right.
From time to time nasscom may supplement these terms of use with additional terms pertaining to specific content (additional terms). Such additional terms are hereby incorporated by reference into these Terms of Use.
Disclaimer
The Company information provided on the nasscom web site is as per data collected by companies. nasscom is not liable on the authenticity of such data.
nasscom has exercised due diligence in checking the correctness and authenticity of the information contained in the site, but nasscom or any of its affiliates or associates or employees shall not be in any way responsible for any loss or damage that may arise to any person from any inadvertent error in the information contained in this site. The information from or through this site is provided "as is" and all warranties express or implied of any kind, regarding any matter pertaining to any service or channel, including without limitation the implied warranties of merchantability, fitness for a particular purpose, and non-infringement are disclaimed. nasscom and its affiliates and associates shall not be liable, at any time, for any failure of performance, error, omission, interruption, deletion, defect, delay in operation or transmission, computer virus, communications line failure, theft or destruction or unauthorised access to, alteration of, or use of information contained on the site. No representations, warranties or guarantees whatsoever are made as to the accuracy, adequacy, reliability, completeness, suitability or applicability of the information to a particular situation.
nasscom or its affiliates or associates or its employees do not provide any judgments or warranty in respect of the authenticity or correctness of the content of other services or sites to which links are provided. A link to another service or site is not an endorsement of any products or services on such site or the site.
The content provided is for information purposes alone and does not substitute for specific advice whether investment, legal, taxation or otherwise. nasscom disclaims all liability for damages caused by use of content on the site.
All responsibility and liability for any damages caused by downloading of any data is disclaimed.
nasscom reserves the right to modify, suspend / cancel, or discontinue any or all sections, or service at any time without notice.
For any grievances under the Information Technology Act 2000, please get in touch with Grievance Officer, Mr. Anirban Mandal at data-query@nasscom.in.
The coronavirus (COVID-19) pandemic is rising day by day. The global death toll has passed 207 K, as on the day of writing this article, and the numbers are still growing. In this period of crisis, the hackers are all set to take advantage of the vulnerabilities that arise due to employees using their own devices, remote working, and more to steal data and money through ransomware.
In the past few weeks, there has been a rise in coronavirus related phishing emails. According to the security firm, Barracuda Networks, there were a total of 467,825 spear-phishing email attacks detected between March 1 and March 23, out of which, 9,116 were related to coronavirus.
So, how does a phishing attack work? Hackers send emails appearing to be from legitimate organizations sharing details and information about coronavirus.
How does a phishing email look like?
Attackers send emails containing malicious links or attachments. The message seems to have an important information and asks you to click on a link or open an attachment. If you click on any of them, you are likely to load a malicious software in your device.
Below is an example of scam email impersonating World Health Organization (WHO).
Another example below targets enterprises for payment.
Why phishing attacks rise during a crisis?
Attackers depend on deception. To achieve success, they create messages that generate a sense of urgency encouraging the recipients to click on links and share sensitive information. Crisis like COVID-19, give those attackers a great opportunity to cause significant damage.
During an emergency, people are looking for information, they are seeking directions from the government or other relevant authorities. When they receive a message appearing to be from reliable sources, they are more likely to fill in the blanks, click on links or download attachments. One such action, and later, the victim’s system is infected, and account is compromised.
As per an Acronis blog, “Now that individuals are deeply stressed, cybercriminals are using every angle of attack, including playing on the natural fear of COVID-19 and the desperate search for information. In the last two weeks, Acronis has seen a significant increase in cryptojacking, while ransomware attacks are growing rapidly as well.”
The number of users affected by cryptojackers grew significantly in the last couple of weeks.
Presently, there is chaos and fear amongst people due to the coronavirus pandemic. This is exposing new pathways for cyber criminals to prey on the vulnerable victims.
How to avoid phishing attacks in three steps
Just as you deal with the actual coronavirus, you can deal with the spread of scams by keeping yourself protected. Here are a few steps to keep you safe:
#1 Keep a check on communications from sources you don’t trust
These are possibly phishing attempts. During remote working at the time of pandemic, the many messages that we receive combined with the work pressure can lower our guards and we tend to open emails and click on links from trustworthy-looking organizations.
As a general rule, scrutinize messages from sources you don’t get regularly. For example, be aware of messages from unknown senders, or people from your organization like CEO, who do not usually communicate directly with you.
An example of such email received in our organization, that seems to be from our CEO, but is not.
#2 Build a strong cybersecurity awareness program
You can use cyber protection solutions like Acronis to avoid getting harmed from phishing attacks. In addition, organize security training programs from time to time.
Develop behaviours so employees know the indicators of a phishing attempt along with what they can do when they become a victim of it.
For example, the IT and security team can regularly distribute harmless phishing emails to employees and check how they react to it. Anybody that falls under it should be sent follow up emails explaining how they fell for the phishing attacks, what they could do instead, and reminding them to be more careful next time. Other tips to share with your employees can include checking spelling errors in emails, browsing online safely, and so on.
Along with this, it is important to check the risk presented by employees in and around your organization.
#3 Plan a new approach of cyber protection
Many cybersecurity strategies are centered around execution of defensive measures to protect a perimeter. Nowadays, phishing attacks are typically carried out with the help of artificial intelligence to bypass these perimeters and gain access to main systems or business processes.
In this situation, an advanced ransomware protection solution is important that focuses also on the data and not just the perimeter. This will provide safety to your organization’s devices against the most destructive types of malware that uses phishing scams for ransomware.
Acronis is one such solution. With Acronis by ZNetLive, you can protect data in Exchange Online (including In-Place Archives), OneDrive for Business and SharePoint Online. With Acronis Active Protection, you can stop ransomware with the backup industry’s most advanced, AI-based anti-ransomware technology.
Acronis Backup solution supports Windows, Mac, Microsoft Hyper-V, Linux KVM, VMware vSphere, Red Hat Enterprise, Amazon EC2, Azure VMs, Office 365, SharePoint, SQL Server, and many more.
If someone falls for a phishing scam in an organization, a cybersecurity solution like this can save business from damaging data loss and downtime.
Let’s all work together to stop the spread of scams like these, stay smart and stay safe!
Let us know what you do to avoid phishing attacks? Do you have a solution in place? We have experts to help you!
That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.
ZNet Technologies Private Limited, incorporated in 2009, is a cloud services provider offering cloud infrastructure and managed services to partners and end customers across the globe with a primary focus on India. We empower 90k+ websites.
The age-old idea of treating customers as gods forms the ancient bedrock of the emergence of the service industry. Subsequently, following the growth steps the service sector has taken, speak a lot about its transformative voyage. However, this…
Data science has become a vital element in disaster management systems all around the world in recent years. Utilising big data, machine learning, and predictive analytics can improve a country's ability to anticipate, prepare for, respond to,…
Employee engagement is a critical component of building a sustainable and thriving business. By creating a work environment that fosters employee engagement and motivation, organizations can unlock numerous benefits, including increased productivity…
For decades, the traditional office environment reigned supreme. But the winds of change have swept across the professional landscape, and remote work is rapidly becoming the new normal. While many are already familiar with the convenience and…
Future of Work - A Tipping Point
1) Executive Briefing
From the onset of civilization, the one thing that has been a constant is the evolution of work. The way we human beings have constantly evolved to adapt and adopt the changes around…
As the world changes dramatically due to COVID-19, organizations are searching for solutions to a wide variety of problems caused by or exacerbated by the pandemic, including finding cost-effective ways to continue operations without reducing the…